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1 uy 5iuiu> sioiuig wiimn, as opposed to addressing. " " " — • 
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1. ^euauiy aemiing ana eniorcmg inc condtUons and requirements under which an action that otherwise absolutely cannot be taken, will Si aUowed, 
and the mannerm which it may occur Absent verified satisfaction of those conditions and requirements, the action camiot be taken by any user, pmUss 
or device. In VDE, an acUon is controlled through execution of the applicable VDE contn)l(s) within a VDE Secure Processing Environment. 

2. More specifically, in VpE, controlling is effected by use of VDE contmla, VDE secure container, and VDE foundation (including VDE Secure 
Procwing Environment, object registration, and other mechanisms for allegedly individually ensuring that specific controls are enforced vis-i-vis 
specific objects (and their content at an arbitrary granular level) and specific *^Iscrs.") 

1 


« u.8.». u.« wmco nas oeen copiea at i«m once, not tHe copy itself. A "copy" is what is fotmed by a copying opetation. and It may or may iot be 
encrypted, ephemeral, usable, or accessible. - * - r ^ / »«v 


10 iiupiicaie a diglUI lile or other complete physical block ot data trom one location on a storage medium to another location on tl>e sirnieordifreirot 
storage medium, leavmg the onginal block of data unchanged, such that two distinct and independent objects exist. Although the layout of the data 
values m physical stoiage may differ from the original, the resulting "copy" is logically Indistinguishable from the original. The lesulting "copy" may or 
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Preliffliiiary Coostruction ~ ' 
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cAccuuuu .puce: A prxKCSSor-addxessable physical memoiy into which data and executable code can be loaded, which is assigned to a single executing 
process while that process is actively executmg. Memory holding "swapped out" processes or executables isVot part of an "execution spie" 
execution space identifier: A value that uniquely identifies a particular execution space. 

[This shall be construed in connection with a disnuted claim nhrase 1 


govern, governing, governed: Sec control (v.) — _ _ _ 

governed item: Information, of arbitrarily fine granularity, whose access and use by any user, process, or device which is controUed. 


oiuppmg execution or a rumung ^execuung) process unconditionally (i.e.. without providing any specific condition for resumption) For example 

executing an mstiuclion known as a "breakpoint halt mstruction." rorc^ampie, 

— ^ i 


A processmg environment withm a VDL node which is not a Secure Processing Environment. A \osi processing envirb-mncnt" may either be 

secure or not secure. A secure host processing environment is a self-contained protected processing environment, formed by loaded, 
executable programming executing on a general purpose CPU (not a Secure Processing Unit ) nmning in protected (privileged) mode. A "non- 
secure host processmg envuonmem is formed by loaded, executable programming executing on a general purpose CPU (not a Secure Processing 
Unit) runmng in user mode. ^ o r v k 

, : 1 


lacnuiicr: Any text stnng used as a label naming an individual instance of what it identifies. 1 

identify: To establish as being a particular instance of a peraon or thing. 


^wim respect to a aigiui me, control, authorization information, Secure Processing Environment, descriptive data structure, element, load 
module, header, or secure conUiner): Physically storing within, as opposed to addressing. 


miorraauon tnat once was stored but is no longer stored. ■ ' — : 
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programming, 
executable (2) 


execution space 
identifier 

generating 


govern, governed; 
governed item, 
governing 
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Preliminaiy Construction 
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Mamtaimng tne secunty ol. ~ : : 


M .uuuuiL umi u a u,..ccuou uu.elOs (elcuentsj. each with its own name and type. Unlike an anay. whose elemenU iire accessed using an imiex 
the elements of a record are accessed by name. A record can be accessed as a coUective unit of elements, ot the eiemeats can be accessed individually. 
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A ixcurd contammg control lotormation. which record is stored and acted upon within a processing environment. 


n lexical siaicmcni max states a conomon under which access to or use of^ VDE-protcctcd data wJU be allowed by a VdE control. A rule my specify 
how, when, where, and by whom a particular activity on particular information is to be aUowed. 


/V suiic iu wuicu ttu uicis 01 a sysiem aic guaranteed that aU mtormation, processes, and devices within the system, shall tave their availabiUty secrecy 
j Integrity and authenticity maintained against all of the identified threats thereto. "Availability-* means the property that information is acces^ble and 
1 usable upon demand by authorized persons, at least to the extent that no user may delete the information without authorization. "Secrecy " also 
referred to as confidentiality, means the property that information (including computer processes) is not made available or disclosed to unauthorized 
persons or processes. "Integrity^' means the property that informaUon has not been altered either intentionally or accidentally. "Authenticity" means the 
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Prdiminary ConstructioD 


H.^F^ujr uiai uic cnajagicnsacs asscnea aooui a person, device, program, information, or process arc genuine and timely, particularly as to identity, data 
mtegnty, and ongin mtegnty. ' 


V uo i«;ure coDiamer is a seir-contamed, seu-ptotecting data sinictuie which (a) ncapsaUtes infoimatioo of arbittaiy size, type, fomSriHH 

orgBDiutioii, including other, nested, containers, (b) cryptographically protects that infonnation from all unauthorized access and use, (c) provides 
enc,ypt«i storage management functions for that information, such as hiding the physical storage location(s) of its protected contents, (d) p«mits the 
association of itself or it. contents with contr«U and control information governing access to and use thereof, and (e) prevents such useoracceM (as 

"'^'y.P7'"«°8 d^iyptiotj) until it is "opened." A secure wntainer can be opened only as expressly aUowed by the associated VDE 
controKs), only within a Secure Processbig Environment, and only through decryption of its encrypted header. A secure container is not directly 
accessible to non-VDE or user calling process. All such calls are intercepted by VDE. The creator of a secure container can assign (or allow others 
to assign) control informatioo to any arbitrary portion of a secure container's contents, or to an empty secure container (to govern the later addition of 
contents to the eonuuner, and access to or use of those contents). A container is not a secure container merely because its contents are encrypted and 
signed A secure contamer is itself secure. All VDE-protected infomuUion (including protected content, information about content usage and content- 
confrol Information, controls, and load module) is encapsulated vwthin a secure container whenever stored outside a Secure Procesilne 
Environment or secure database. * 


n govemeo item proiecteo oy a secure container A secure container governed item may not be accessed or used In any way. by any user process or 
S*^'brK«^tioa'' "'""'^^ controKs) executing in a VDE Secure Processing Environment and satisftcUon of all requirement 


/V niic proieccea oy a secure conumer. A secure container mle may not be accessed or used in any my, by any user, process, or device, except as 
^^'lu^ "»oci«ted VDE control{s) executing in a VDE Secure Processing Environment and satisfaction of aU requirements imposed by such 

A data store isolated from all users such tiial it is protected from external observation; and accidental or intentional alteration or destniction. In VDE, a 


secure oaiaoase sioies uacjong, ojiimg, payment, and auditing data until the data is delivered securely to an authorized clearinghouse. 
An allocated portion of tixe secure memoiy witiiin a special-puipose Secure Processing Unit wWcli is Isolated the rest o( the world, and 
protected from observation by (and encapsuUted witiiin) a tamper resUtant barrier and protected from alteration by the processor. The processor 
cryptographically verifies the mtegrity of all code loaded from secure memoiy prior to execution, executes only tiie code tiiat tiie processor has 
authenticated for its use, and is otherwise secure. 


memory; A medium m wmcn data (mcluding executable mstnictions) may be stored and from which it may be retrieved. "Memory'* does not include a 
'Virtual memory." 

secure memory: A processor-addressable memory witiiin a special-purpose Secure Processhig Unit which is isolated from tiie rest of Uie world by 
(and encapsulated witiiin) a Umper resisUnt barrier. "Processor-addressable" means tiiat a connected processor can use tiie secure memory's 
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secure coniamer rtiic 
secure database 


secure execution space 


secure memory, 
memoiy 
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securely: Performed m a Secure Processing Environment in a mamier that guarantees that each affected information or prciies's remains .eel?;; 

securely applying: marety (1) executing the applied executeUe* (eg.. eontroU) within a VDE secac« execution space, (2) validating and verifying 
SX£^ft^^Mu*l!l'i^""**"*' *"* executable* are applied only in ways lhiirinteodedb7the^E 
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^s^uuuii in a 3«ure execunon space to act upon some infonnation, in a manner tliat ensures that the Infonnation and dbe pioccssiigTSHSm 

secure. . 


^cccivmg Gigiiai mionnauon m a secure conUlner, as part of a communication encrypted on the communications level, at a Secure Processiii 
Environment authenticated in accordance with VDE controls associated with the secure container. 


5ce secure. ~ — 


HJi oruereu measure ol me degree ot security. Ihe "secunty level" is persistent unless expressly noted to exist only some of the time. " Also, the " " 
combmation of a hierarchical classification and a set of nonhierarchical categories that represents the sensitivity of an object or the clearance of a 
subject For example. Unclassified. Confidential, Secret, and Top Secret are hierarchical classifications, whereas NATO and NOFORN are non- 
hierarchical categories defined by the DoD Trusted Computing guidelines. 


1 1 njs will oe construed m connection with disputed claim phrases] 


lamptr resistance: i ne anility ot a Umper resistant barrier to prevent access, observation, and interference with information or processing 
eocapsolated by the barrier. 
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specinc mlormation, 
specified information 


tamper resistance - 
tamper) 
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